KollectTools/Docker-Images
18
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build: add frontend-builder image and bake buf into java-builder

Browse Source 
ci/frontend-builder (new): Node 24 + pnpm 10 + buf 1.55 + global
@bufbuild/protoc-gen-es 2.4 + Playwright chromium runtime libs +
ORAS. Used by KollectAI-ETL frontend CI to run TS proto codegen
locally (buf.gen.yaml uses `local: protoc-gen-es`) instead of the
rate-limited BSR remote-plugin path.

ci/java-builder: added the standalone buf binary so `buf lint` runs
in CI without an inline curl install. Backend Java codegen stays in
the Maven build (protobuf-maven-plugin), so no protoc plugins are
added to this image.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Fadhli Azhari
2026-04-28 15:06:00 +08:00
parent fdd8544ed9
commit f9fb4ce4cd
4 changed files with 196 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ci/frontend-builder/README.md
+72
View File
@@ -0,0 +1,72 @@
# Frontend Builder — CI Image
Pre-baked build environment for KollectAI-ETL frontend (SvelteKit) CI jobs and protobuf TypeScript code generation.
## What's included
- Node.js 24 (`node:24-bookworm-slim`)
- pnpm 10 (via corepack)
- [buf](https://buf.build) CLI — for `buf lint` and `buf generate`
- [`@bufbuild/protoc-gen-es`](https://www.npmjs.com/package/@bufbuild/protoc-gen-es) — installed globally so `buf` v2 `local: protoc-gen-es` resolves via PATH (no BSR remote-plugin calls)
- Playwright chromium runtime libraries pre-installed (`libnss3`, `libgbm1`, `libasound2`, etc.) — so `playwright install chromium` works without `--with-deps` apt fetches
- ORAS CLI — for uploading test reports / audit artifacts to Harbor
- `git`, `jq`, `curl`, `unzip`
## Build
```bash
docker build -t 192.168.1.72/kollect-tools/ci/frontend-builder:latest ci/frontend-builder/
docker push 192.168.1.72/kollect-tools/ci/frontend-builder:latest
```
### Build args
| Arg | Default | Description |
|-----|---------|-------------|
| `NODE_MAJOR` | `24` | Node.js major version (matches Node base image) |
| `PNPM_VERSION` | `10.15.0` | pnpm version (corepack-activated) |
| `BUF_VERSION` | `1.55.0` | buf CLI version |
| `PROTOC_GEN_ES_VERSION` | `2.4.0` | `@bufbuild/protoc-gen-es` version (bump in lockstep with frontend's `@bufbuild/protobuf` runtime) |
| `ORAS_VERSION` | `1.2.2` | ORAS CLI version |
## Usage in CI
```yaml
jobs:
test-unit:
runs-on: ubuntu-latest
container:
image: 192.168.1.72/kollect-tools/ci/frontend-builder:latest
steps:
- uses: actions/checkout@v6
- run: pnpm install --frozen-lockfile
working-directory: frontend/svelte
- run: pnpm test
working-directory: frontend/svelte
```
For protobuf TS codegen (`buf.gen.yaml` declares `local: protoc-gen-es`):
```yaml
- name: Generate proto TS bindings
working-directory: proto
run: buf generate
```
For Playwright E2E (drop `--with-deps` because system libs are pre-installed):
```yaml
- name: Install Playwright browsers
working-directory: frontend/svelte
run: pnpm exec playwright install chromium
```
## Maintenance
Rebuild on dependency bumps:
- New Node major → bump `NODE_MAJOR`, push image
- pnpm bump → bump `PNPM_VERSION`, push image
- buf protocol changes → bump `BUF_VERSION` and `PROTOC_GEN_ES_VERSION`, push image
The CI workflow's weekly schedule rebuilds the image to keep base layers patched.